Comments (12)
Use the new shasum summary file option
from checksum-maven-plugin.
*Edit
my bad, checkable sums are being stored in artifacts-checksums.sha
Is this the only option? I would prefer to have individual *.sha256 files to be properly formatted
from checksum-maven-plugin.
Please provide samples. It is unclear what you are asking for or what is going wrong.
from checksum-maven-plugin.
samples:
your plugin produces *.sha256 file with following content:
775631779dbfdbdc164659e39ac6253fcefbec680b318fa6ad1bd56727a2792d
if I'll run
sha256sum -c README.sha256
I'll get an error
no properly formatted SHA256 checksum lines found
same time
sha256sum README >README.sha
command will produce README.sha with following content
775631779dbfdbdc164659e39ac6253fcefbec680b318fa6ad1bd56727a2792d README
then it can be verified using
sha256sum -c README.sha
from checksum-maven-plugin.
What you are looking for is the summary file. Use something like the following in your pom file.
<plugin>
<groupId>net.ju-n.maven.plugins</groupId>
<artifactId>checksum-maven-plugin</artifactId>
<version>1.3</version>
<executions>
<execution>
<id>checksum-artifacts</id>
<phase>package</phase>
<goals>
<goal>artifacts</goal>
</goals>
<configuration>
<csvSummary>false</csvSummary>
<shasumSummary>true</shasumSummary>
<shasumSummaryFile>sha512-libs.sum/shasumSummaryFile>
<individualFiles>false</individualFiles>
<algorithms>
<algorithm>SHA-512</algorithm>
</algorithms>
<types>
<type>jar</type>
</types>
<scopes>
<scope>runtime</scope>
</scopes>
</configuration>
</execution>
</executions>
</plugin>
from checksum-maven-plugin.
Hello @bondolo,
sorry for keeping silence, your config will work for me as expected only if only one artifact per multi-module project will be produced.
What I need is to sign all project artifacts and produce 'individual' signatures, and give our user the straightforward algorithm on how it can be verified.
so I can put artifacts and signatures on our download page http://openmeetings.apache.org/downloads.html with instructions, and user can download/check it.
right now it is not possible, user need to compare hashes "visually"
maybe you can provide "linux compatible mode" for your plugin?
from checksum-maven-plugin.
ping :)
from checksum-maven-plugin.
I am using the plugin to generate shasum files from multiple artifacts which are then later checked with *nix shasum tool. This sounds to be exactly what you are looking for.
Perhaps you can post the checksum portion of your pom file?
from checksum-maven-plugin.
I should mention that the use case you describe is exactly why I got involved with this project and I do believe what we have should work for what you need.
from checksum-maven-plugin.
Thanks for the reply @bondolo :)
Here is the portion of pom.xml: https://github.com/apache/openmeetings/blob/3.2.x/pom.xml#L140
In the release I have at least 3 artifact per module (jar, source, javadoc)
and 4 main artifacts:
complete sources tgz+zip and complete binaries tgz+zip
from checksum-maven-plugin.
Hello @bondolo, any news on this? :)
from checksum-maven-plugin.
@bondolo ping :)
from checksum-maven-plugin.
Related Issues (20)
- artifacts mojo: only generate checksum for specific (attached) artifacts HOT 2
- Migrate from plexus-utils to maven-shared-utils HOT 1
- Use Java 8 signature in animal-sniffer
- artifacts mojo: allow to exclude extensions
- Should have an option to enable check of dependencies for pom project HOT 5
- blake3 HOT 1
- ignore line endings in text files HOT 1
- Contents should include checksum and filename in standard format HOT 9
- Documentation site cannot be reached HOT 1
- Goal "check" searchs the summary file in wrong folder HOT 2
- Handle no files gracefully HOT 1
- "files" goal should have "appendFilename" option
- checksum-maven-plugin "artifacts" appends wrong filename
- cannot get a file containing checksums
- Documentation site cannot be resolved HOT 2
- Changelog
- 12:00:42 Could not find credentials βnexus3.onap.org:10001β for optf-fgps-maven-docker-stage-master #21 12:00:42 copy managed file [optf-fgps-settings] to file:/w/workspace/optf-fgps-maven-docker-stage-master@tmp/config950102380339591617tmp 12:00:42 [optf-fgps-maven-docker-stage-master] $ /bin/bash /tmp/jenkins6209735274096598136.sh 12:00:42 ---> docker-login.sh 12:00:42 nexus3.onap.org:10001 12:00:42 Build step 'Execute shell' marked build as failure HOT 1
- Generate checksum for pom.xml with goal "artifacts" HOT 2
- ITs should not check for SHA1/MD5 HOT 1
- NullPointerException running checksum:dependencies with test scope dependencies. HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from checksum-maven-plugin.